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REAL PARTY IN INTEREST 

The assignee of the above -referenced patent application, 
Sun Microsystems, Inc., is the real party in interest. 
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RELATED APPEALS AND INTERFERENCES 



No other appeals or interferences are known to the 
undersigned Attorney for Appellant, or the Assignee Appellant, 
which will directly affect, or be directly affected by, or have 
a bearing on the Board's decision in this pending Appeal. 
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STATUS OF CLAIMS 



Claims 30 to 51, 53 and 57 are pending. Claims 1 to 29, 
52 and 54 to 56 have been cancelled. Claims 30 to 51, 53 and 
57 stand rejected in the Final Office Action of March 27, 2008. 
The rejections of Claims 30 to 51, 53 and 57 are hereby 
appealed. 
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STATUS OF AMENDMENTS 



All amendments to the claims presented by Appellant have 
been entered. 
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SUMMARY OF CLAIMED SUBJECT MATTER 



A summary is provided below for each independent claim and 
for each dependent claim argued separately. 

CLAIM 30 

A small footprint device {Pg. 3, lines 21 to 23; Pg. 28, 
lines 16 to 18} includes at least one processing element {300 
(Fig. 3)}, on the small footprint device, configured to execute 
groups of one or more program modules {Pg. 5, lines 6 to 16; 
pg. 9, lines 9 to 14} in separate contexts {760, 770 (Figs. 7 
and 12); See also, 420, 620, (Fig. 6)}. The separate contexts 
are included in a runtime environment {700, (Fig. 7); Pg. 18, _ 
lines 19 to 22} on the small footprint device. The runtime 
environment {700, (Fig. 7); Pg . 18, lines 19 to 22} includes an 
operating system {710, (Fig. 7); Pg. 18, lines 22 to 23}. The 
separate contexts {760, 770 (Figs. 7 and 12)} are removed from- 
and over the operating system {710, (Fig. 7); Pg. 18, lines 22 
to 23} on the small footprint device. 

The one or more program modules include zero or more sets 
of executable instructions and zero or more sets of data 
definitions {Pg. 5, lines 6 to 16; pg. 9, lines 9 to 14}. The 
zero or more sets of executable instructions and the zero or 
more data definitions are grouped as object definitions {Pg. 5, 
lines 6 to 16; pg. 9, lines 9 to 14}. Each context {760, 770 
(Figs. 7 and 12)} includes a protected object instance space 
such that at least one {1200, 1210 (Fig. 12); pg 24, lines 16 
to 20} of the object definitions is instantiated in association 
with a particular context. {See also, Fig. 6, contexts 420, 
620; objects 440, 640; Pg . 18, lines 7 to 18.} 

A memory {310, (Fig. 3)}, on the small footprint device, 
includes instances of objects {1200, 1210 (Fig. 12); pg 24, 
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lines 16 to 20} . {See also, Fig. 6, contexts 420, 620; objects 
440, 640; Pg . 18, lines 7 to 18.} 

A context barrier {600, (Figs 6 and 12); pg. 18, lines 7 
to 18; See also "Firewall" in Fig. 7}, in the runtime 
environment {700, (Fig. 7); Pg. 18, lines 19 to 22} and removed 
from and over the operating system {710, (Fig. 7); Pg. 18, 
lines 22 to 23} separates and isolates the contexts {Pg. 18, 
lines 7 to 18}. The context barrier is configured for 
controlling execution of at least one instruction of one of the 
zero or more sets of instructions comprised by a program module 
{See Figs. 8, 9 and 12; pg 20,: lines 12 to 23} based at least 
in part on whether the at. least one instruction is executed for 
an object instance {635, (Fig 6); See also, 800, (Fig. 8); pg. 
20,. lines 14 and 15} associated with, a first one {420, (Fig. 
6)} of the separate contexts {420, 620 (Fig. 6); See also 810.,. 
(Fig..* 8) ; pg . 20, lines .14 and 15} and whether the at least one 
instruction is requesting access to an instance {640, (Fig. 6)} 
of an object definition associated with a second one {620, 
(Fig.. 6)} of the separate contexts. The context barrier {60Q, 
(Figs 6 and 12); pg. 18, lines 7 to 18; See also "Firewall" in 
Fig. 7} further is configured' to prevent the access if the 
access is unauthorized {840, (Fig. 8); pg. 20, line 17} and 
enable the access if the access is authorized {830, (Fig. 8) ; 
pg. 20, line 18} . 

An entry point object {1210, (Fig. 12); pg. 24, line 20 to 
pg. 25, line 2}, in the runtime environment and removed from 
and over the operating system, for permitting one program 
module {1200, (Fig. 12); pg. 24, lines 16 to 18} in one {770, 
(Fig. 12); pg. 24, lines 16 to 18} of the separate contexts, to 
directly access information from another program module in 
another{760, (Fig. 12); pg. 24, lines 16 to 18} of the separate 
contexts, across the context barrier {600, (Fig. 12)}. 
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CLAIM 43 

A method of operating a small footprint device {Pg. 3, 
lines 21 to 23; Pg. 28, lines 16 to 18} that includes a 
processing machine {300 (Fig. 3)}. Program modules are 
executed on the processing machine. 

The method includes separating contexts {760, 770 (Figs. 7 
and 12); See also, 420, 620, (Fig. 6.)}, on the small footprint 
device, using a context barrier {600, (Figs 6 and 12); pg. 18, 
lines 7 to 18; See also "Firewall",; in Fig. 7}. The context 
barrier is configured for controlling execution of at least one 
instruction of one of the zero or. more sets of instructions 
comprised by a program module {See. Figs. 8, 9 and 12; pg 20, 
lines' 12 to 23} based at least in. part on whether the at least 
one instruction is executed for an object instance {635, (Fig, 
6); See also, 800, (Fig. 8); pg. 20, lines 14 and 15} 
associated with a first one {420, (Fig. 6)} of the separate 
contexts {420, 620 (Fig. 6); See also 810, (Fig. 8); pg . 20, 
lines 14 and 15} and whether, the. : at least one instruction is 
requesting access to an instance \{ 640 , (Fig. 6)} of an object 
definition associated with a second, one {620, (Fig. 6)} of the 
separate contexts . 

The separate contexts {760, 770 (Figs. 7 and 12)} and the 
context barrier are included in a runtime environment {700, 
(Fig. 7); Pg. 18, lines 19 to 22} on the small footprint 
device. The runtime environment {700, (Fig. 7); Pg. 18, lines 
19 to 22} includes an operating system {710, (Fig. 7); Pg. 18, 
lines 22 to 23}. The separate contexts {760, 770 (Figs. 7 and 
12) } and the context barrier are removed from and over the 
operating system {710, (Fig. 7); Pg. 18, lines 22 to 23}. The 
separating includes preventing the access if the access is 
unauthorized {840, (Fig. 8); pg. 20, line 17}; and enabling the 
access if the access is authorized {830, (Fig. 8) ; pg. 20, line 
18} . 
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The method also includes executing groups of one or more 
program modules {Pg. 5, lines 6 to 16; pg. 9, lines 9 to 14} in 
separate contexts {760, 770 (Figs. 7 and 12); See also, 420, 
620, (Fig. 6)}. The one or more program modules comprising 
zero or more sets of executable instructions and zero or more 
sets of data definitions {Pg. 5, lines 6 to 16; pg. 9, lines 9 
to 14}. The zero or more sets of executable instructions and 
the zero or more data definitions grouped as object definitions 
{Pg. 5, lines 6 to 16; pg. 9, lines 9. to 14}. Each context 
{760, 770 (Figs. 7 and 12)} includes a. protected object 
instance space such that at least one :{:1200, 1210 (Fig. 12); pg 
24, lines 16 to 20} of the object definitions is instantiated 
in association with a particular context.. {See also, Fig. 6, 
contexts 420, 620; objects 440, 640; Pg.. .18, lines 7 to 18.}. 

. The method further includes permitting direct access to 
information from one program module, in one {760, (Fig. 12) ; 
pg. 24, lines 16 to 18} of the separate contexts, by another 
program module, in another {770, (Fig. 12); pg. 24, lines 16 to 
.18} of the separate contexts, across the context barrier {600,^ 
(Fig. 12)} using an entry point object {1210, (Fig. 12); pg. 
2.4,. line 20 to pg . 25, line 2} wherein the entry point object 
is in the runtime environment and is removed from and over the 
operating system. 

CLAIM 47 

A method of permitting access to information on a small 
footprint device {Pg. 3, lines 21 to 23; Pg. 28, lines 16 to 
18} from a first program module to a second program module 
separated by a context barrier {600, (Figs 6 and 12) ; pg. 18, 
lines 7 to 18; See also "Firewall" in Fig. 7}. The small 
footprint device {Pg. 3, lines 21 to 23; Pg. 28, lines 16 to 
18} includes at least one processing element {300 (Fig. 3)}, on 
the small footprint device, configured to execute groups of one 
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or more program modules {Pg. 5, lines 6 to 16; pg. 9, lines 9 
to 14} in separate contexts {760, 770 (Figs. 7 and 12); See 
also, 420, 620, (Fig. 6)}. 

The one or more program modules include zero or more sets 
of executable instructions and zero or more sets of data 
definitions {Pg. 5, lines 6 to 16; pg. 9, lines 9 to 14}. The 
zero or more sets of executable instructions and the zero or 
more data definitions are grouped as object definitions {Pg. 5, 
lines 6 to 16; pg. 9, lines 9 to 14}. Each context {760, 770 
(Figs. 7 and 12)} includes a protected object instance space 
such that at least one {1200, 1210 (Fig. 12); pg 24, lines 16 
to 20} of the object definitions is instantiated in association 
with a. particular context. {See also, Fig. 6, contexts 420, 
620; objects 440, 640; Pg . 18, lines 7 to 18.} 

The separate contexts are included .in a .runtime 
environment {700, (Fig. 7); Pg. 18, lines 19 to 22} on the 
small footprint device. The runtime environment {700, (Fig. 
7) ; Pg. 18, lines 19 to 22} includes an operating system {710, 
(Fig. 7); Pg. 18, lines 22 to 23}. The separate contexts . (760 , 
770 (Figs. 7 and 12)} are removed from and over the operating 
system -{710, (Fig. 7); Pg . 18, lines 22 to 23}. 

A memory {310, (Fig. 3)}, on the small footprint device, 
includes instances of objects {1200, 1210 (Fig. 12); pg 24, 
lines 16 to 20}. {See also, Fig. 6, contexts 420, 620; objects 
440, 640; Pg . 18, lines 7 to 18.} 

A context barrier {600, (Figs 6 and 12); pg. 18, lines 7 
to 18; See also "Firewall" in Fig. 7} , in the runtime 
environment {700, (Fig. 7); Pg. 18, lines 19 to 22} and removed 
from and over the operating system {710, (Fig. 7) ; Pg. 18, 
lines 22 to 23} separates and isolates the contexts {Pg. 18, 
lines 7 to 18}. The context barrier is configured for 
controlling execution of at least one instruction of one of the 
zero or more sets of instructions comprised by a program module 
{See Figs. 8, 9 and 12; pg 20, lines 12 to 23} based at least 
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in part on whether the at least one instruction is executed for 
an object instance {635, (Fig 6) ; See also, 800, (Fig. 8) ; pg. 
20, lines 14 and 15} associated with a first one {420, (Fig. 
6)} of the separate contexts {420, 620 (Fig. 6); See also 810, 

(Fig. 8); pg. 20, lines 14 and 15} and whether the at least one 
instruction is requesting access to an instance {640, (Fig. 6)} 
of an object definition associated with a second one {620, 

(Fig. 6)} of the separate contexts. The context barrier {600, 

(Figs 6 and 12); pg . 18, lines 7 to 18; See also "Firewall" in 
Fig. 7} further is configured to prevent the access if the 
access is unauthorized {840, (Fig. 8); pg. 20, line 17} and 
enable the access if the access is authorized {8.30, (Fig. 8) ; 
pg. 20, line 18} . 

The method includes creating an entry point object {1210, 

(Fig. 12); pg. 24, line 2 0. to pg. 25, line 2}, in the runtime 
environment and removed from and over the operating system,:- .: * 
which may be accessed by at least two program modules. The . 
method Includes using the entry point object {1210, (Fig. 12); 
pg. . 24, line 20 to pg. 25, line 2} to permit direct access to . 
information of one program module of the at .least two program . 
modules in one {760, (Fig. 12); pg. 24, lines 16 to 18} of the. 
separate contexts, by an other {1200, (Fig. 12)} of the at 
least two program modules in another {770, (Fig. 12); pg. 24, 
lines 16 to 18} of the separate contexts, across the context 
barrier {600, (Fig. 12)}. 

CLAIM 51 

A computer program product includes a memory storage 
medium and a computer controlling element. The computer 
controlling element includes instructions for implementing a 
context barrier {600, (Figs 6 and 12); pg. 18, lines 7 to 18; 
See also "Firewall" in Fig. 7} on a small footprint device {Pg. 
3, lines 21 to 23; Pg. 28, lines 16 to 18} and for bypassing 
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the context barrier {600, (Figs 6 and 12)} using an entry point 
object {1210, (Fig. 12); pg. 24, line 20 to pg. 25, line 2} to 
permit direct access to information from one program module, in 
one context {760, (Fig. 12); pg. 24, lines 16 to 18}, by 
another program module, in a different separate context {770, 
(Fig. 12); pg . 24, lines 16 to 18}. The context barrier and 
the entry point object are included in a runtime environment 
{700, (Fig. 7); Pg . 18, lines 19 to 22} on the small footprint 
device. The runtime environment includes an operating ; system 
{710, (Fig. 7) ; Pg . 18, lines 22 to 23} where the context 
barrier and the entry point are removed from and over the 
operating system. 

The small footprint device {Pg. 3, lines 21 to 23 ; ; Pg. 28, 
lines 16. to 18} includes at least one processing element {300 
(Fig. 3)}, on the small footprint device, configured to execute 
groups of one or more program. modules {Pg. 5, lines 6 to 16; 
pg. 9, lines 9 to 14} in separate contexts {760.,- 770 (Figs. 7 
and 12); See also, 420, 620, (Fig. 6)}. The one or more 
program modules include zero or more sets of executable 
instructions and zero or more sets of data definitions {Pg. 5, 
lines 6 to 16; pg . 9, lines 9 to 14}. The zero or more sets of 
executable instructions and the zero or more data definitions 
are grouped as object definitions {Pg. 5, lines 6 to 16; pg. 9, 
lines 9 to 14} . 

Each context {760, 770 (Figs. 7 and 12)} includes a 
protected object instance space such that at least one {1200, 
1210 (Fig. 12); pg 24, lines 16 to 20} of the object 
definitions is instantiated in association with a particular 
context. {See also, Fig. 6, contexts 420, 620; objects 440, 
640; Pg. 18, lines 7 to 18.} The separate contexts {760, 770 
(Figs. 7 and 12)} are included in the runtime environment {700, 
(Fig. 7); Pg . 18, lines 19 to 22} and are removed from and over 
the operating system {710, (Fig. 7); Pg. 18, lines 22 to 23}. 
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A memory {310, (Fig. 3)}, on the small footprint device, 
includes instances of objects {1200, 1210 (Fig. 12); pg 24, 
lines 16 to 20} . {See also, Fig. 6, contexts 420, 620; objects 
440, 640; Pg . 18, lines 7 to 18.} 

A context barrier {600, (Figs 6 and 12); pg. 18, lines 7 
to 18; See also "Firewall" in Fig. 7} separates and isolates 
the contexts {Pg. 18, lines 7 to 18}. The context barrier is 
configured for controlling execution of at least one 
instruction of one of the zero or more sets of instructions- 
comprised by a program module {See Figs. 8, 9 and 12; pg.20, 
dines 12 to 23} based at least in part on whether the at,. least 
one instruction is executed for an object instance {63.5, (Fig 
6K; See also, 800, (Fig. 8); pg. 20, lines 14 and 15} 
associated with a first one {420, (Fig. 6)} of the separate 
contexts {420, 620 (Fig. 6); .See. also 810, (Fig. 8); pg. 20,. 
lines 14 and 15}. and whether the" at: .least one instruction is 
requesting access to an instance. {640, (Fig. 6)} of an'object 
definition associated with a second one {620, (Fig. 6):} of the 
.separate contexts.- The. context * barrier {600, (Figs 6 and 12); 
pg. ! 18, lines 7 to 18; See also "Firewall" in Fig. 7} further 
is- configured to prevent the access if the access is 
unauthorized {840, (Fig. 8); pg. 20, line 17} and enable the 
access if the access is authorized {830, (Fig. 8); pg. 20, line 
18} . 

CLAIM 53 

A computer program product includes a memory storage 
medium and a computer controlling element. The computer 
controlling element includes instructions for separating a 
plurality of programs on a small footprint device {Pg. 3, lines 
21 to 23; Pg. 28, lines 16 to 18} by running them in respective 
contexts {760, 770 (Figs. 7 and 12); See also, 420, 620, (Fig. 
6) } and for permitting one program to access information from 
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another program by bypassing a context barrier {600, (Figs 6 
and 12); pg. 18, lines 7 to 18; See also "Firewall" in Fig. 7} 
using an entry point object {1210, (Fig. 12); pg. 24, line 20 
to pg. 25, line 2} to permit direct access to information from 
one program, in one context {760, (Fig. 12) ; pg. 24, lines 16 
to 18}, by another program in a different separate 
context {770, (Fig. 12); pg. 24, lines 16 to 18}. The context 
barrier and the entry point object are included in a runtime 
environment {700, (Fig. 7); Pg. 18, lines 19 to 22} on the 
small footprint device. The runtime environment includes an 
operating system {710, (Fig. 7); Pg. 18, lines 22 to 23} where 
the context barrier and the entry point are removed from and 
over the operating system. . 

The small footprint device {Pg. 3, lines 21 to 23 ; ; Pg. 28, 
lines 16 to 18} includes at least one processing element {300 
"(Fig.. 3)}, on the small footprint, device, configured to execute 
groups of one or more program modules {Pg. 5, lines 6 to 16; 
pg. 9, lines 9 to 14} in separate contexts {760, 770 (Figs. 7 
and .12) ; See also, 420, 620, (Fig.. 6) }. The one or more 
program modules include zero or more sets of executable 
instructions and zero or more sets of data definitions {Pg. 5, 
lines 6 to 16; pg. 9, lines 9 to 14}. The zero or more sets of 
executable instructions and the zero or more data definitions 
are grouped as object definitions {Pg. 5, lines 6 to 16; pg. 9, 
lines 9 to 14}. Each context {760, 770 (Figs. 7 and 12)} 
includes a protected object instance space such that at least 
one {1200, 1210 (Fig. 12); pg 24, lines 16 to 20} of the object 
definitions is instantiated in association with a particular 
context. {See also, Fig. 6, contexts 420, 620; objects 440, 
640; Pg. 18, lines 7 to 18.} The separate contexts {760, 770 
(Figs. 7 and 12)} are included in the runtime environment {700, 
(Fig. 7); Pg. 18, lines 19 to 22} and are removed from and over 
the operating system {710, (Fig. 7); Pg. 18, lines 22 to 23}. 
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A memory {310, (Fig. 3)}, on the small footprint device, 
includes instances of objects {1200, 1210 (Fig. 12); pg 24, 
lines 16 to 20} . {See also, Fig. 6, contexts 420, 620; objects 
440, 640; Pg . 18, lines 7 to 18.} 

A context barrier {600, (Figs 6 and 12); pg. 18, lines 7 
to 18; See also "Firewall" in Fig. 7} separates and isolates 
the contexts {Pg. 18, lines 7 to 18}. The context barrier is 
configured for controlling execution of at least one 
instruction of one of the zero or more sets of instructions 
comprised by a program module {See Figs. 8, 9 and 12; pg 20, 
lines 12 to 23} based at least, in part on whether the at least 
one instruction is executed for an object instance {635, (Fig 
6); See also, 800, (Fig.. 8) ;. pg. 20, lines 14 and 15} 
associated with a first one {420, (Fig. 6) } of the separate 
contexts . {420, 620 (Fig.; 6); See also. 810", (Fig. 8); pg. 20., 
lines ,14; and 15} and. whether the at least one instruction is 
requesting access to an instance {640, (Fig. 6)} of an object 
definition associated with a second one {620, (Fig. 6)} of the 
separate contexts. The context barrier {600, (Figs 6 and 12) ; . 
pg. 18, lines 7 to 18; See also "Firewall" in Fig. 7} further 
is configured to prevent the access if the access is 
unauthorized {840, (Fig. 8) ; pg . 20, line 17} and enable the 
access if the access is authorized {830, (Fig. 8); pg. 20, line 
18}. 

CLAIM 57 

A method of transmitting code over a network {200, 
(Fig. 2) } includes transmitting a block of code from a server 
{210, (Fig. 2)}. The block of code comprising instructions for 
implementing an entry point object {1210, (Fig. 12); pg. 24, 
line 20 to pg. 25, line 2} for bypassing a context barrier 
{600, (Figs 6 and 12); pg . 18, lines 7 to 18; See also 
"Firewall" in Fig. 7} on a small footprint device {Pg. 3, lines 
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21 to 23; Pg. 28, lines 16 to 18} over a communications link. 
The context barrier and the entry point object are included in 
a runtime environment {700, (Fig. 7); Pg. 18, lines 19 to 22}. 
The runtime environment includes an operating system {710, 

(Fig. 7); Pg . 18, lines 22 to 23} where the context barrier and 
the entry point are removed from and over the operating system. 

The entry point object {1210, (Fig. 12); pg. 24, line 20 to 
pg. 25, line 2} permits direct access to information from one 
program module,- in one context {760, (Fig. 12); pg. 24, lines 
16 to 18}, by another program module in another different 
context {770, .(.Fig. 12); pg. 24., lines 16 to 18}. 

The small . footprint > device {Pg. 3, lines 21 to 23; Pg. 28, 
lines 16 to 18} includes at least one processing element {300 

(Fig. 3)}, on the small footprint device, configured to execute 
groups of one or. more program modules {Pg. 5, lines 6 to 16; 
pg. 9, lines 9 to 14} in separate contexts. {760, 770 (Figs. 7 
and 12);- See also, 420, 620, (Fig. 6)}. The one or more 
program modules include zero' or more sets of executable 
instructions and zero or more, sets of data definitions; {Pg.. 5, 
lines 6 to 16; pg. 9, lines 9 to 14}. The zero or more sets of 
executable instructions and the zero or more data definitions 
are grouped as object definitions {Pg. 5, lines 6 to 16; pg. 9, 
lines 9 to 14}. Each context {760, 770 (Figs. 7 and 12)} 
includes a protected object instance space such that at least 
one {1200, 1210 (Fig. 12); pg 24, lines 16 to 20} of the object 
definitions is instantiated in association with a particular 
context. {See also, Fig. 6, contexts 420, 620; objects 440, 
640; Pg. 18, lines 7 to 18.} The separate contexts {760, 770 

(Figs. 7 and 12)} are included in the runtime environment {700, 

(Fig. 7); Pg. 18, lines 19 to 22}, on the small footprint 
device, and are removed from and over the operating system 
{710, (Fig. 7); Pg . 18, lines 22 to 23}. 

A memory {310, (Fig. 3)}, on the small footprint device, 
includes instances of objects {1200, 1210 (Fig. 12); pg 24, 
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lines 16 to 20} . {See also, Fig. 6, contexts 420, 620; objects 
440, 640; Pg . 18, lines 7 to 18.} 

A context barrier {600, (Figs 6 and 12) ; pg. 18, lines 7 
to 18; See also "Firewall" in Fig. 7} separates and isolates 
the contexts {Pg. 18, lines 7 to 18}. The context barrier is 
configured for controlling execution of at least one 
instruction of one of the zero or more sets of instructions 
comprised by a program module {See Figs. 8, 9 and 12; pg 20, 
lines 12 to 23} based at least in part on whether the at least 
one instruction is executed for an object instance {635, (Fig 
6); See also, 800, (Fig. 8); pg. 20, lines 14 and 15} 
associated with a first one {420, (Fig. .6)} of the separate 
contexts {420, 620 (Fig. 6); See also 810, (Fig. 8); pg..20, 
lines 14 and 15}. and whether the at least one instruction is 
requesting access to an instance ,.{ 6.4.0 ; . (Fig. 6)} of anrobject 
definition associated with a second one {620, (Fig. 6)} of the 
separate contexts. The context barrier {600, (Figs 6 and 12); 
pg. 18, lines 7 to 18; See also "Firewall" in Fig. 7} further 
is configured to prevent the access if the access is 
unauthorized {840, (Fig. 8); pg. 20,. line 17} and enabfle the 
access if the access, is authorized {830, (Fig. 8); pg.; 20,. line 
18}. 
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GROUNDS OF REJECTION TO BE REVIEWED ON APPEAL 



1. Whether Claims 3 0 to 51, 53 and 57 are unpatentable 
under 35 U.S.C. 102(a) as being anticipated by WIPO Patent 
Publication No. WO 98/32073, hereinafter referred to as 
Bischof? 
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ARGUMENT 



CLAIMS 30 to 51, 53 and 57 ARE PATENTABLE FOR MULTIPLE REASONS . 



The rejection of Claims 30 to 51, 53, and 57 under 35 
U.S.C. § 102(a) as being anticipated by WIPO Patent Publication 
No. WO 98/32073, hereinafter referred to as Bischof, is in 
error for multiple reasons and should be withdrawn. 

As demonstrated more completely below, the rejection 
reduces claim limitations to a gist— a form of analysis that is 
impermissible for an obviousness rejection and so cannot be 
part of an anticipation rejection. Also, the rejection takes 
pieces of Bischof out of context and then mixes and matches 
different parts of Bischof, which also is inappropriate in an 
obviousness rejection and so cannot form the' basis for an 
anticipation rejection. 

The MPEP's summary of the court decisions on anticipation 
indicates that at least two showings are "mandatory for an 
anticipation rejection, i.e., 

TO ANTICIPATE A CLAIM, THE REFERENCE MUST TEACH EVERY 
ELEMENT OF THE CLAIM 

. . . . "The identical invention must be shown in as complete 
detail as is contained in the ... claim." Richardson v. Suzuki 
Motor Co., 868 F.2d 1226, 1236, 9 USPQ2d 1913, 1920 (Fed. Cir. 
1989) . The elements must be arranged as required by the claim, 
but this is not an ipsissimis verbis test, i.e., identity of 
terminology is not required. In re Bond, 910 F.2d 831, 15 
USPQ2d 1566 (Fed. Cir. 1990) . 
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MPEP § 2131, 8 Ed., Rev. 6, p. 2100-67 (Sept. 2007). Thus, not 
only must Bischof teach the elements as arranged by the claims, 
but also Bischof must teach the identical invention in as 
complete detail as recited in the claims. Bischof fails to 
meet these requirements. 
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THE PLAIN MEAING OF THE CLAIMS 



Claim 30 is used as an example. Each of the other 
independent claims includes equivalent or similar limitations. 
Claim '30 defines in detail a "context barrier . . . for 
separating and isolating contexts." (CLAIMS APPENDIX, Claim 
30, lines 24 to 26, pg. 31.) The contexts separated and 
isolated by the context barrier, are defined in the claim as 
including "a protected object instance space," (CLAIMS 
APPENDIX, Claim 30, lines 18 to 19, pg . 31.) and the protected 
object instance space includes at least one object instance, 
e.g., "at least one of said object definitions is instantiated, 
in association with a particular context." (CLAIMS APPENDIX, 
Claim 30 r , lines 19 to 21, pg . 31. ) The claim also defines the 
actions taken by the context barrier when an object instance in 
one context attempts to access information of another object 
instance in a different context. (CLAIMS APPENDIX, Claim 30, 
lines 26 to 37, pgs . 31, 32.) Thus, the claim language itself 
defines with specificity the context barrier, the contexts 
associated with the context barrier, and objects associated 
with a context. 

The claim also recites an entry point object (CLAIMS 
APPENDIX, Claim 30, line 38, pg . 32.) and specifies that the 
entry point object allows bypassing the recited operation of 
the context barrier by permitting a program module in one of 
the contexts to directly access information in a different 
context where the two contexts are separated by the context 
barrier. (CLAIMS APPENDIX, Claim 30, lines 38 to 43, pg . 32.) 

The above interpretation of Claim 3 0 follows directly from 
the plain meaning of the claim and relies upon only the claim 
language itself. The MPEP requires that "words of the claim 
must be given their plain meaning unless the plain meaning is 
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inconsistent with the specification." MPEP § 2111.01, I., 8th 
Ed. Rev. 6, p 2100-38 (September 2007) . 

THE REJECTION MISCHARACTERIZES AT LEAST A CONTEXT BARRIER, 
CONTEXTS, AND AN ENTRY POINT 



The rejection confuses the express relationship of the 
elements recited in these claims and mischaracterizes Bischof. 
The rejection fails to consistently use "terminology . 
Specifically, after the rejection equates an element of Bischof 
to an element in the claim, the rejection fails to demonstrate 
that Bischof teaches the limitations with respect to that 
element of Bischof in the same, level of detail and arranged as 
recited in the claim. 

For example, the rejection, first stated: 

As per claims 30, 43, 47, 51,53, , and 57, Bischof discloses 
the creation and use of guard objects (context ba : rriers) 
for processing invocations of a context ' s entry point (see 
p. 5, lines 26-28) before those contexts are instantiated 
in response to object requests (see p. 10, lines 10-33) . 
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Final Office Action, dated 10/27/2008, Section 5, lines 3 to 6, 
pg 3. 

The rejection equates the guard objects of Bischof to 
plural context barriers and not the single context barrier 
recited in these claims. To satisfy the MPEP requirements for 
an anticipation rejection, the rejection must demonstrate that 
Bischof teaches a guard object that includes each of the 
limitations associated with context barrier as recited in the 
claims . 

The rejection fails to do this and instead the remainder 
of this paragraph of the rejection (Final Office Action, dated 
10/27/2008, Section 5, lines 6 to 13, pg. 3) makes statements 
about contexts, which (i) are not supported by the citations in 
this part of the rejection, and (ii) are not related to the 
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guard objects as taught by Bischof . The rejection not only 
reduces the express claim limitations to a gist, but also the 
rejection uses terminology and interpretations that are not 
supported by Bischof while apparently ignoring the express 
definitions and statements of Bischof. 

Specifically, the rejection ignores the explicit 
recitation of the limitations recited in the claims with 
respect to a single context barrier and the contexts associated 
with that single context barrier. First as noted above, the 
contexts include object instances, which have been 
instantiated, and the single context barrier separates and 
isolates these different contexts. 

Bischof defines an object instance, at Pg. 7, lines 7 to 9 . 
Thus, the rejection must cite to some teaching of a context 
that includes the objects as defined by. Bischof and th;en.:a* 
context barrier that separates such contexts to demonstrate 
that Bischof meets the "in the same detail" requirement for the 
anticipation rejection. The rejection does not do this. • 
' '' 'Rather the rejection makes a statement about guard rings 
being plural context barriers and then, as quoted above, cites 
to a definition of a sandbox (Bischof, pg. 5, lines 26-26) and 
the description of an interception manager (Bischof, pg. 10, 
lines 10 to 33.) The only teaching in these portions about a 
guard object is: 

. . .To control access alone may not be sufficient in some 
cases and it may be necessary to monitor or to audit 
resource usage. This demands a further component of the 
security mechanism to be invoked before and/or after the 
protected resource is used. Such an object is called a 
guard which can be inserted by the interception manager. 

Bischof, pg. 10, lines 29 to 33. 

Thus, the sections cited in the rejection define a sandbox 
and an interception manager. As part of the interception 
manager description, Bischof provides an overview of the 
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operation of a guard ring. Such a description fails to 
demonstrate that a guard object, which the rejection, as quoted 
above, equated to the context barrier, included the limitations 
recited in the claims with respect to the context barrier. 
This is direct evidence that Appellants claim language and not 
any teaching in Bischof is the basis for the rejection. 

A GUARD OBJECT IS NOT A CONTEXT BARRIER AS RECITED IN THE 
CLAIMS . 

Bischof expressly teaches that a guard object is 
associated with an object reference. Bischof, Pg. 8, at lines 
7. to 9. - "An object reference . is a pointer to a location of a . 
method of an entity." Bischof, Pg. 7, line 17.. Thus according. 
tor-Bischof , a guard object is associated with a pointer.' 

Bischof at page . 11 / lines 15 to 32 described the function , 
of the guard object and does not describe a guard object as' - 
separating and isolating /contexts as recited in the claims, but 
rather.- the guard object controls operations associated with, the 
method at the location of the object reference. Accordingly, 
the characterization in the rejection of a guard ring that is 
associated with separating contexts is unsupported by Bischof. 

Also, as demonstrated above, the statement about contexts in 
the rejection has nothing to do with what Bischof describes as 
being associated with a guard object. Bischof fails to teach 
or suggest a context barrier and the contexts as recited in 
these claims and so Bischof fails to anticipate or render 
obvious these claims. These facts alone are sufficient to 
overcome the anticipation rejection. 
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THE REJECTION ADMITS THAT THE GUARD RING FAILS TO TEACH A 
CONTEXT AS RECITED IN THE CLAIMS 

The rejection admits that the guard object of Bischof 
fails to teach the context barrier in the same level of detail 
as recited in the claim by first stating that the guard object 
processes "invocations of a context's entry point . . . before 
those contexts are instantiated." (Final Office Action, dated 
10/27/2008, Section 5, lines 4 and 5, pg . 3) . Following the 
rationale of the rejection, if a context is not instantiated, 
it is not possible for an object instance to exist within that 
context. Accordingly, the rejection on its face admits that 
the context cannot include an instance of an object as ; recited 
in these claims. Therefore, the guard object, as interpreted 
in the rejection, fails to teach the context barrier in the 
same level of detail as recited. in the claims for. yet other 
reasons i 

THE REJECTION IGNORES THE. RELATIONSHIP BETWEEN THE ENTRY 
POINT, CONTEXTS, AND THE CONTEXT BARRIER AS RECITED IN THE 
CLAIMS 

As discussed above, the rejection takes the guard rings of 
Bischof as context barriers. Using this definition to 
demonstrate that Bischof reads on an entry point object as 
recited in the claims, the rejection must cite some teaching of 
an object instance in one context accessing information of 
another object instance directly and in the process bypassing 
the guard ring. The rejection fails to do this. 

Rather, the rejection stated: 

Also, a gate in a java sandbox equates to an entry points 
object for direct access to information (see pg. 5 lines 
26-27) . Note, that the sandbox is "a playground to which 
Java applets are confined and applets execution 
environment is delineated by borders with defined gates 



Page 24 of 44 



Serial No. 10/659,554 

Notice of Appeal Entered: February 2, 2009 
Appeal Brief Filed: April 1, 2009 



(entry and exit points)". Thus, a gate taught by Bishof 
[Sic] , permits direct access to information from one 
program module of at least two program modules, in one of 
separate context, by another program module of said at 
least two program modules, in another of said separate 
context, across context barrier. 



Final Office Action, dated 10/27/2008, Last paragraph of 
Section 5 bridging Pgs. 3 and 4. 

The advisory action attempts to support this rationale by 
stating: 

Furthermore, it appears that applicant overlooked the 
architecture of Bishop's [Sic] invention, in particular 
( the fact that "sandbox" is an abstract concept employing 

various mechanisms to provide security of objects, in the 
runtime environment. . !| 
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Advisory Action, dated 01/09/2009 at pg. 2. 

The rejection confuses access of information in and out of 
the sandbox with accessing information in different contexts 
separated by a context barrier as recited in the claims. The 
rejection has failed to show any teaching of a guard ring that 
prevents access between an object in a context in the .sandbox 
and an object in a context outside the sandbox, which would be 
at least one required showing to demonstrate that a guard ring 
teaches exactly the context barrier. 

The concept of a gate teaches away from such an 
interpretation of a guard ring, because Bischof taught that a 
gate and not any guard ring controlled access into and out of 
the sandbox. The rejection has failed to cite any teaching of 
Bischof about such a gate bypassing a guard ring. Thus, the 
rejection is inconsistent and has failed to demonstrate that 
Bischof anticipates the claims. 

Appellant has demonstrated that the rejection makes 
characterizations and generalizations that are not supported by 
any citation to Bischof. Accordingly, the rejection not only 
mischaracterizes both the claim language and Bischof, but also 
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the rejection failed to show that Bischof teaches the same 
elements arranged as required by the express claim language. 
This is further evidence that a prima facie anticipation 
rejection has not been made. Appellant again notes that any 
one of the showings is sufficient to overcome the anticipation 
rejection. 

THE REJECTION FAILED TO DEMONSTRATE THAT BISCHOF TEACHES A 
SMALL FOOTPRINT DEVICE AS RECITED IN THE CLAIMS . 

As just stated, any one of the above showings alone is 
sufficient to overcome the anticipation rejection. However, to 
avoid waiving the other errors in the rejection, Appellant 
notes that the rejection demonstrates that Bischof fails to. 
teach a small footprint device as .recited in the claims. The 
rejection stated: . . 

Additionally, as per newly introduced limitations a 
particular entity (e.g. as disclosed in Fig. 1) 
\ implementing Bishof 's [Sic] security mechanism to. protect 
: its resources equates to a small footprint device. 

Final Office Action, dated 10/27/2008, Section 5, lines 14 to 
16, Pg. 3. 

In interpreting this part of the rejection, the advisory 
action stated: 

Clearly, Bishofs [Sic] invention, requires at least memory 
and processing element (e.g. CPU) in order for the 
security mechanism disclosed by Bishof [Sic] to work, and 
an entity offering these elements (or, in other words, in 
which the Bishofs [Sic] security mechanism is implemented) 
was equated by the examiner to a small footprint device. 
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Advisory Action, dated 01/09/2009 at pg. 2. 

Appellant notes that the rejection, which relies upon 
Fig. 1 of Bischof, and the rationale in the Advisory Action use 
"entity" in a different way. The rejection reduces a small 
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footprint device to any device that includes a memory and a 
processing element . 

The rejection, as quoted above, relies upon Fig. 1 of 
Bischof as defining what an entity is, but then in the advisory- 
action stated an entity offering at least memory and processing 
element is equated to a small footprint device. This is error 
for multiple reasons. 

First, the entity in Fig. 1 of Bischof does not teach the 
memory and the processing element as recited in the claims. 
Second, the rejection has cited no teaching of any small 
footprint device in Bischof and so must rely upon inherency. 
Third, the rejection reduces the claim - limitation to a gist and': 
ignores, explicit claim . limitations . 

. The final rejection equates an entity as disclosed in 
Fig. 1 of Bischof to a*, specific physical . device, a small 
footprint device, as. recited in these claims. This is error'.' .. 
and ignores the specific, definition of an. entity according to ... 
Bischof. Bischof defined: 

Entities are considered as objects or referenced classes, 
. . . . (Emphasis in original) 

Bischof, pg. 7, lines 11, 12. 

Bischof also defined an object as: 

Objects encapsulate data and provide methods . . .Objects 
are created dynamically, that is, they are instantiated. 
(Emphasis in original) 

Bischof, pg. 7, lines 7 to 9 . Similarly, Bischof defined a 
class as: 

Classes are definitions for objects and are static. 
(Emphasis in original) 

Bischof, pg. 7, line 10. Thus, an entity, which is a 
referenced class, is not a physical device such as a small 
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footprint device including at least one processing element, a 
memory, and the other features recited in these claims. Thus, 
Fig. 1 and the description thereof cannot support the 
rejection. 

When Bischof does use an "entity" to mean a physical 
device, the teaching does not support the statements in the 
rejection. First, Bischof describes an open digital 
communication system that includes "physically and 
organizationally distributed independent entities." (Bischof, 
pg. 1, lines 8 and 9.) An example of such a system according 
to Bischof is "the Internet with it distributed processing 
stations, servers and end-user computers, which provide and own 
the resources, e.g. data and program files." (Bischof, pg. 1, 
lines 13 and 14.) Bischof further defines "Resources to be 
protected . . . are usually owned or provided by entities, 
e.g. , ^servers or other processing stations.". (Bischof, pg..:3, ■' 
lines-23, 24.) 

Thus, Bischof teaches that the physical entities are 
servers and other processing stations in a distributed network. 
The rejection ignores this teaching and apparently tries to 
rely upon inherency to assert that the system of Bischof, 
despite the teachings of Bischof, could be implemented on a 
small footprint device. Appellant notes that while a system 
implemented on a small footprint device may be able to be 
implemented on a server or a desk top computer, (Specification, 
pg. 29, lines 5 to 11) , there is no showing in the rejection 
that Bischof teaches that the converse is true. 

Accordingly, Bischof cannot support an inherency 
rejection. The MPEP directs: 

Inherency, however, may not be established by probabilities or 
possibilities. The mere fact that a certain thing may result 
from a given set of circumstances is not sufficient. 
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The possibility that Bischof, who failed to acknowledge a 
runtime environment suitable for use on a small footprint 
device, could be implemented on a small footprint device is not 
sufficient to rely upon inherency. 

Bischof is concerned with accessing resources over a 
distributed network, such as the Internet, and the rejection 
has failed to cite any teaching in Bischof of any need or 
desire to access a resource on a small footprint device. (See 
Bischof, Abstract.) Accordingly, there is not even a fact that 
a certain thing may result from the definition of an entity to 
support any conclusion about a small footprint device. 
Consequently, Bischof fails to even suggest such a small 
footprint device. 

Moreover, while the Examiner can interpret the claim 
language broadly, the MPEP puts limitations on the breadth of 
claim interpretation that can be used during examination. In 
particular, "During patent examination, the pending claims must 
be 1 given their broadest reasonable interpretation consistent 
with the specification. 1 " MPEP § 2111, 8th Ed. Rev. 6, p 2100- 
37 (August 2007) . One limitation on the broadest reasonable 
interpretation by the MPEP is "Where an explicit definition is 
provided by the applicant for a term, that definition will 
control interpretation of the term as it is used in the claim. " 
MPEP § 2106 C, 8th Ed. Rev. 6, p 2100-7 (September 2007). 

The specification defines: 

Devices with a small footprint are generally considered to 
be those that are restricted or limited in memory or in 
computing power or speed. 

Specification, pg. 28, lines 16 to 18. Also, 

In general, small footprint devices are resource 
constrained computational device and systems where secure 
interoperation of execution contexts is a concern. 
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Specification, pg. 28, lines 23 to 24. 

Accordingly, the interpretation in the rejection not only 
failed to consider these explicit definitions, but also relied 
upon an improper application of inherency. The incorrect 
characterization of a small footprint device alone is 
sufficient to overcome the anticipation rejection because it 
demonstrates that Bischof failed to describe the invention in 
the same level of detail and failed to describe the elements 
arranged as recited in these claims. 

Thus, each of Claims 30, 43, 47, 51, 53, and 57 
distinguish over Bischof for multiple - reasons . Appellant 
respectfully requests reconsideration and withdrawal of the 
anticipation rejection of each of Claims 30, 43, 47, 51, 53, 
and 57. . ! 

Claims 31 to 42 depend from Claim .30 and so distinguish 
over Bischof for at least the same reasons as Claim 3 0*1 
Appellant respectfully requests reconsideration and withdrawal 
of the anticipation rejection of each of Claims 31 to 42. 

Claims 44 to 46 depend from Claim 43 and so distinguish 
over Bischof for at least the same reasons as Claim 43.. 
Appellant respectfully requests reconsideration and withdrawal 
of the anticipation rejection of each of Claims 44 to 46. 

Claims 48 to 50 depend from Claim 47 and so distinguish 
over Bischof for at least the same reasons as Claim 47. 
Appellant respectfully requests reconsideration and withdrawal 
of the anticipation rejection of each of Claims 48 to 50. 



CONCLUSION 
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For the reasons above, all appealed claims, i.e., Claims 
30 to 51, 53 and 57, are allowable. Appellant respectfully 
requests the Board of Patent Appeals and Interferences to 
reverse the Examiner's rejections under U.S.C. § 102(a) of 
these claims. 
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CLAIMS APPENDIX 



1. - 29 



(Cancelled) 
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30. (Previously Presented) A small footprint device 
comprising : 

at least one processing element, on said small 
footprint device, configured to execute groups of one or 
more program modules in separate contexts, wherein said 
separate contexts are included in a runtime environment on 
...said small^ footprint device, and. further wherein said 
runtime environment includes an operating system where 
■ ; said separate contexts are removed from and over said 
operating system on said small footprint device, 

wherein said one or more program modules 
comprising zero or more sets of executable 
instructions and zero or more sets of data 
definitions, 

said zero or more sets of executable ; 
instructions and said zero or more data definitions 
grouped as object definitions, and 

each context comprising a protected object 
instance space such that at least one of said object 
definitions is instantiated in association with a 
particular context; 

a memory, on the small footprint device, comprising 
instances of objects; 

a context barrier, in said runtime environment and 
removed from and over said operating system, for 
separating and isolating said contexts, said context 
barrier configured for controlling execution of at least 
one instruction of one of said zero or more sets of 
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instructions comprised by a program module based at least 
in part on whether said at least one instruction is 
executed for an object instance associated with a first 
one of said separate contexts and whether said at least 
one instruction is requesting access to an instance of an 
object definition associated with a second one of said 
separate contexts, said context barrier further configured 
to prevent said access if said access is unauthorized and 
enable said access if said access is authorized; and 

an entry point object, in said runtime environment 
and removed from and over said operating system, for 
permitting one program module, in one of said separate 
contexts, to directly access information from another 
program module, in another of said separate contexts, 
• ;: across said context barrier. 

31. (Previously Presented) The small footprint device of 
claim 30 in which said context barrier allocates separate name 
spaces for each program module. 

32. (Previously Presented) The small footprint device of 
claim 30 in which at least two program modules can access said 
entry point object even though they are located in different 
respective name spaces. 

33. (Previously Presented) The small footprint device of 
claim 30 in which said context barrier allocates separate 
memory spaces for each program module. 

34. (Previously Presented) The small footprint device of 
claim 33 in which at least two program modules can access said 
entry point object even though they are located in different 
respective memory spaces. 
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35. (Previously Presented) The small footprint device of 
claim 3 0 in which said context barrier enforces security checks 
on at least one of a principal, an object, and an action. 

36. (Previously Presented) The small footprint device of 
claim 35 in which at least one security check is based on 
partial name agreement between a principal, and an object. 

37. (Previously Presented) The small footprint device of 
claim 3 6 in which at least one program can access said entry 
point object without said at least one security check. 

38. (Previously Presented) The small footprint device of 
claim 35 in which at least one security check is based on 
memory space agreement between a principal and an object. 

39. (Previously Presented) The small footprint device of 
claim 38 in which at least one program can access said entry 
point object without said at least one security check. 

40. (Previously Presented) The small footprint device of 
claim 3 0 wherein an object instance is associated with a 
context by recording the name of said context in a header of 
said object instance, information in said header inaccessible 
to said one or more program modules. 

41. (Previously Presented) The small footprint device of 
claim 30 wherein 

said memory comprises object header data, said object 
header data comprising information associated with at 
least one of said instances of objects; and 

said controlling execution is based at least in part 
on said object header data. 
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42. (Previously Presented) The small footprint device of 
claim 30 wherein 

said memory is partitioned into a plurality of memory 
spaces with instances of objects allocated for storage in 
one of said plurality of storage spaces; and 

said controlling execution is based at least in part 
on determining the storage space allocated to an executing 
object instance and an accessed object instance. 

43. (Previously Presented) A method of operating a small 
footprint device that includes a processing machine, wherein 
program modules are executed on the processing machine; the 
method comprising: ;.. . 

separating contexts, on said small footprint ! device, 
using a context barrier, said context barrier configured 
for controlling execution of at least one instruction of 
one of zero or more sets of instructions comprised by a 
program module based at least in part on whether said at 
least one instruction is executed for an object instance 
associated with a first one of said separate contexts and 
whether said at least one instruction is requesting access 
to an instance of an object definition associated with a 
second one of said separate contexts, wherein said 
separate contexts and said context barrier are included in 
a runtime environment on said small footprint device and 
further wherein said runtime environment includes an 
operating system where said separate contexts and said 
context barrier are removed from and over said operating 
system, 

said separating further comprising: 

preventing said access if said access is 

unauthorized; and 

enabling said access if said access is 

authorized; 
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executing groups of one or more program modules in 
separate contexts, said one or more program modules 
comprising zero or more sets of executable instructions 
and zero or more sets of data definitions, said zero or 
more sets of executable instructions and said zero or more 
data definitions grouped as object definitions, each 
context comprising a protected object instance space such 
that at least one of said object definitions is 
instantiated in association with a particular context; and 

permitting direct access to information from one 
program module, in one of said separate contexts, by 
another program module, in another of said separate 
contexts, across said context barrier using an entry point 
object wherein said entry point object is in said runtime 
environment and is. removed from. and over said operating 
* •••• system. 

f • ... 

44. (Previously Presented) The method of claim 43 
wherein an object instance is associated with a context by 
recording the name of said context in a header of said object 
instance, information in said header inaccessible to s'aid one 
or more program modules. 

45. (Previously Presented) The method of claim 43 
wherein said controlling execution is based at least in part on 
object header data comprising information associated with at 
least one of said instances of objects. 

46. (Previously Presented) The method of claim 43 
wherein 

a memory of said small footprint device is 
partitioned into a plurality of memory spaces with 
instances of objects allocated for storage in one of said 
plurality of storage spaces; and 
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said controlling execution is based at least in part 
on determining the storage space allocated to an executing 
object instance and an accessed object instance. 

47. (Previously Presented) A method of permitting access 
to information on a small footprint device from a first program 
module to a second program module separated by a context 
barrier, said small footprint device comprising: 

at least one processing element, on the small 
footprint device, configured to execute groups of one or 
more program modules in separate contexts, said one or 
more program modules comprising zero or more sets of 
. . executable instructions and zero or more sets of data 
definitions, said zero or more sets of executable 
instructions and said. :zero or more data definitions 
grouped as object definitions, each context comprising a . 
protected object instance space such that at least one of : 
said object definitions is instantiated in association 
with a particular context wherein said separate contexts 
are included in a runtime environment on the small 
footprint device and further wherein said runtime 
environment includes an operating system where said 
separate contexts are removed from and over said operating 
system; 

a memory, on said small footprint device, comprising 
instances of objects; and 

a context barrier, in said runtime environment and 
removed from and over said operating system, for 
separating and isolating said contexts, said context 
barrier configured for controlling execution of at least 
one instruction of one of said zero or more sets of 
instructions comprised by a program module based at least 
in part on whether said at least one instruction is 
executed for an object instance associated with a first 
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one of said separate contexts and whether said at least 
one instruction is requesting access to an instance of an 
object definition associated with a second one of said 
separate contexts, said context barrier further configured 
to prevent said access if said access is unauthorized and 
enable said access if said access is authorized, the 
method comprising: 

creating an entry point object, in said runtime 
environment and removed from and over said operating 
system, which may be accessed by at least two program 
modules; and 

using said entry point object to permit direct 
access to information .from one program module of said 
at least two program modules, in one of said separate 
contexts, by an other program module of said at least 
two program modules:, in another of said separate 
contexts, across said context barrier. 

48. (Previously Presented) The method of claim 47 
wherein an object instance is associated with a context by 
recording the name of said context in a header of said object 
instance, information in said header inaccessible to said one 
or more program modules. 

49. (Previously Presented) The method of claim 47 
wherein said controlling execution is based at least in part on 
object header data comprising information associated with at 
least one of said instances of objects. 

50. (Previously Presented) The method of claim 47 
wherein 

a memory of said small footprint device is 
partitioned into a plurality of memory spaces with 
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instances of objects allocated for storage in one of said 
plurality of storage spaces; and 

said controlling execution is based at least in part 
on determining the storage space allocated to an executing 
object instance and an accessed object instance. 
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51. (Previously Presented) A computer program product, 
comprising : 

a memory storage medium; and 
a computer controlling element comprising 
instructions for implementing a context barrier on a small 
footprint device and for bypassing said context barrier 
using an entry point object to permit direct access to 
information from one program module, in one context, by 
another program module, in. a different separate context, 
wherein said context barrier and said entry point;, object 
are included in a runtime . environment on the small 
footprint device and further wherein said runtime . 
environment: includes an operating system where said 
. context barrier and said entry point are removed from and 
over said operating system, said small footprint device 
comprising : 

at least one processing element, on said small 
footprint device, configured to execute groups of one or 
more program modules in separate contexts, said one or 
more program modules comprising zero or more sets of 
executable instructions and zero or more sets of data 
definitions, said zero or more sets of executable 
instructions and said zero or more data definitions 
grouped as object definitions, each context comprising a 
protected object instance space such that at least one of 
said object definitions is instantiated in association 
with a particular context where said separate contexts are 
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included in said runtime environment and are removed from 
and over said operating system; 

a memory, on the small footprint device, comprising 
instances of objects; and 

a context barrier for separating and isolating said 
contexts, said context barrier configured for controlling 
execution of at least one instruction of one of said zero 
or more sets of instructions comprised by a program module 
based at least in part on whether said at least one 
instruction is executed for an object instance associated 
with a first one of; said separate contexts and whether 
said at least one instruction is requesting access to an 
instance of an object.def inition associated with a second 
one of said separate contexts, said context barrier 
further configured to prevent said access if said; access 
is unauthorized, and enable said access if said access is 
authorized. j 

. 52. (Cancelled) 

53. (Previously Presented) A computer program product, 
comprising : 

a memory storage medium; and 
a computer controlling element comprising 
instructions for separating a plurality of programs on a 
small footprint device by running them in respective 
contexts and for permitting one program to access 
information from another program by bypassing a context 
barrier using an entry point object to permit direct 
access to information from one program, in one context, by 
another program in a different separate context, wherein 
said context barrier and said entry point object are 
included in a runtime environment on the small footprint 
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device and further wherein said runtime environment 
includes an operating system where said context barrier 
and said entry point are removed from and over said 
operating system, said small footprint device comprising: 

at least one processing element, on said small 
footprint device, configured to execute groups of one or 
more program modules in separate contexts, said one or 
more program modules comprising zero or more sets. of 
executable instructions and zero or more sets of data 
definitions, said zero or more sets of executable 
instructions and said zero or more data definitions 
grouped as object definitions, each context comprising a 
protected object instance space such that at least one of 
said object definitions is instantiated in association 
with a particular context where said separate contexts are 
included in said runtime . environment and are removed from . 
and over said operating system; 

a memory, on the small footprint device, comprising 
instances of objects; and 

a context barrier for separating and isolating said 
contexts, said context barrier configured for controlling 
execution of at least one instruction of one of said zero 
or more sets of instructions comprised by a program module 
based at least in part on whether said at least one 
instruction is executed for an object instance associated 
with a first one of said separate contexts and whether 
said at least one instruction is requesting access to an 
instance of an object definition associated with a second 
one of said separate contexts, said context barrier 
further configured to prevent said access if said access 
is unauthorized and enable said access if said access is 
authorized. 

54. (Cancelled) 
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55. (Cancelled) 

56. (Cancelled) 

57. (Previously Presented) A method of transmitting code 
over a network, comprising transmitting a block of code from a 
server, said block of code comprising instructions for 
implementing an entry point object for bypassing a context 
barrier on a small footprint device over a communications link, 
wherein said context barrier and.:.said entry point object are 
included in a runtime environment and further wherein said 
runtime environment includes an .operating system where said 
context barrier and said entry point are removed from and over 
said operating system and further wherein said entry point 
object permits direct access-to-information from one program 
module, in one context, by another program module in another 
different context, said small footprint device comprising: 

at least one processing element, on the small 
footprint device, configured to execute groups of. one or 
more program modules in separate contexts, said one or 
more program modules comprising zero or more sets of 
executable instructions and zero or more sets of data 
definitions, said zero or more sets of executable 
instructions and said zero or more data definitions 
grouped as object definitions, each context comprising a 
protected object instance space such that at least one of 
said object definitions is instantiated in association 
with a particular context where said separate contexts are 
included in said runtime environment, on the small 
footprint device, and are removed from and over said 
operating system; 

a memory, on the small footprint device, comprising 
instances of objects; and 
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a context barrier for separating and isolating said 
contexts, said context barrier configured for controlling 
execution of at least one instruction of one of said zero 
or more sets of instructions comprised by a program module 
based at least in part on whether said at least one 
instruction is executed for an object instance associated 
with a first one of said separate contexts and whether 
said at least one instruction is requesting access to an 
instance of an object definition associated with a second 
one of said separate contexts, said context barrier 
further configured to prevent said. access if said access 
is unauthorized and enable said access if said access is 
authorized. 
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